1. Field of the Invention
The present invention relates to an authentication switch, a network system having the authentication switch, and an authentication method associated with the authentication switch, and more particularly to a switch that conducts Web authentication.
2. Description of the Related Art
With the infrastructure of a communication network, a variety of functions for enhancing security has been proposed. A network authentication belongs to one of those functions. A network authentication system is mainly configured by a terminal device such as a PC, an authentication switch, and an authentication server. As a basic operation of the authentication system, an authentication request packet is first output to the authentication switch from the terminal device such as a PC.
JP-A-2011-107796 discloses a system that conducts the Web authentication with the aid of the authentication switch. Upon receiving the authentication request packet, the authentication switch inquires of the authentication server on the basis of authentication information in the received packet about whether the authentication information has been registered, or not. When the authentication switch receives from the authentication server a notification that the authentication information has been registered, the authentication switch makes a source MAC address of the authentication request packet communicatable.
In the Web authentication of the authentication switch, the authentication request packet is transmitted from the terminal to the authentication switch with the use of http, and authentication screen data (login screen data) is returned to the terminal by a Web server within the authentication server. A user who uses the terminal enters information on a user ID, a password, and the like from an authentication login screen (login screen data), and transmits the information to the authentication switch. The authentication switch inquires of the authentication server with the use of the received authentication information such as the user ID or the password, and allows a packet having a MAC address of an appropriate terminal to be transferred if the authentication information has been registered in the authentication server.
JP-A-2011-238162 discloses a system in which if a network device disposed between the authentication server and a client terminal determines that the authentication server stops its function, the network device makes an authentication in an authentication system different from that of the authentication server.